Active Directory Elevation of Privilege Vulnerability

2020-02-11T08:00:00
ID MS:CVE-2020-0665
Type mscve
Reporter Microsoft
Modified 2020-02-12T08:00:00

Description

An elevation of privilege vulnerability exists in the way Active Directory handles information for domains in a transitively trusted forest. To exploit this vulnerability, an attacker would first need to compromise a transitively trusted Active Directory forest.

An attacker who successfully exploited this vulnerability could obtain administrative rights on a computer in a domain which trusts the Active Directory forest under the attacker's control.

This update addresses the vulnerability by correcting how Active Directory handles information for domains in transitively trusted forests.